Zero-Correlation Linear Cryptanalysis of Block Ciphers
نویسندگان
چکیده
Linear cryptanalysis, along with differential cryptanalysis, is an important tool to evaluate the security of block ciphers. This work introduces a novel extension of linear cryptanalysis – zero-correlation linear cryptanalysis – a technique applicable to many block cipher constructions. It is based on linear approximations with a correlation value of exactly zero. For a permutation on n bits, an algorithm of complexity 2 is proposed for the exact evaluation of correlation. Non-trivial zero-correlation linear approximations are demonstrated for various block cipher structures including AES, balanced Feistel networks, Skipjack, CLEFIA, and CAST256. Using the zero-correlation linear cryptanalysis, a key-recovery attack is shown on 6 rounds of AES-192 and AES-256 as well as 13 rounds of CLEFIA-256.
منابع مشابه
Zero Correlation Linear Cryptanalysis with Reduced Data Complexity
Zero correlation linear cryptanalysis is a novel key recovery technique for block ciphers proposed in [5]. It is based on linear approximations with probability of exactly 1/2 (which corresponds to the zero correlation). Some block ciphers turn out to have multiple linear approximations with correlation zero for each key over a considerable number of rounds. Zero correlation linear cryptanalysi...
متن کاملZero Correlation Linear Cryptanalysis on LEA Family Ciphers
—In recent two years, zero correlation linear cryptanalysis has shown its great potential in cryptanalysis and it has proven to be effective against massive ciphers. LEA is a block cipher proposed by Deukjo Hong, who is the designer of an ISO standard block cipher HIGHT. This paper evaluates the security level on LEA family ciphers against zero correlation linear cryptanalysis. Firstly, we ide...
متن کاملLinear hulls with correlation zero and linear cryptanalysis of block ciphers
Linear cryptanalysis, along with differential cryptanalysis, is an important tool to evaluate the security of block ciphers. This work introduces a novel extension of linear cryptanalysis: zero-correlation linear cryptanalysis, a technique applicable to many block cipher constructions. It is based on linear approximations with a correlation value of exactly zero. For a permutation on n bits, an...
متن کاملAn Approach of Zero Correlation Linear Cryptanalysis
Differential and Linear Cryptanalysis are two most popular techniques that have been widely used to attacks block ciphers to reveal its weakness in substitution and permutation network. Most of the block ciphers which are resistant against Differential and Linear Cryptanalysis may not be immune to their latest extensions such as Impossible Differential Cryptanalysis (IDC) and Zero Correlation L...
متن کاملCharacterizations of the Degraded Boolean Function and Cryptanalysis of the SAFER Family
This paper investigates the degradation properties of Boolean functions from the aspects of the distributions of differences and linear masks, and shows two characterizations of the degraded Boolean function. One is that there exists a linear space of the input differences, where the differentials with the zero output difference have probability 1; Another one is that the input linear masks of ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2011 شماره
صفحات -
تاریخ انتشار 2011